The purpose of this task is to:
· Establish system security policies and procedures
· Provide security to ensure the integrity of the technical environment and data
· Provide and ensure security for operating system and database users
· Create operating system and database level access for only those users who require such access
· Document the system security policies and procedures
1. Define and set up network security procedures.
2. Create appropriate operating system and database level access only for users who require such access.
- Analyze the types of reports, interfaces, data feeds, and customizing that is projected. From this analysis, determine the reports and interfaces that require operating system and database access, and at what level.
- Provide sufficient security to ensure the integrity of the technical environment and the data in the system.
- Set up security for technical team members to enable them to carry out their defined responsibilities.
3. Provide and ensure proper security for the operating system and the database users. Change the passwords and provide security for standard users. In SAP environments, you need to change the passwords of the following users:
- SAP users: SAP* and DDIC
- Operating system users, such as <SID>adm, ora<SID>
- Database users, such as sapr3
4. Establish an ongoing procedure for requesting operating system and database access for each system as required.
5. Set up user administration in (all) the system(s).
6. Document and maintain security procedures in the security manual.
System security at the network, operating system, database, and application level defined, set up, secured, and documented
For more information, see:
· SAPNet links to security information
· SAP Note 30724